Iran

Auto Added by WPeMatico

What you missed in cybersecurity this week

There’s not a week that goes by where cybersecurity doesn’t dominates the headlines. This week was no different. Struggling to keep up? We’ve collected some of the biggest cybersecurity stories from the week to keep you in the know and up to speed.

Malicious websites were used to secretly hack into iPhones for years, says Google

TechCrunch: This was the biggest iPhone security story of the year. Google researchers found a number of websites that were stealthily hacking into thousands of iPhones every week. The operation was carried out by China to target Uyghur Muslims, according to sources, and also targeted Android and Windows users. Google said it was an “indiscriminate” attack through the use of previously undisclosed so-called “zero-day” vulnerabilities.

Hackers could steal a Tesla Model S by cloning its key fob — again

Wired: For the second time in two years, researchers found a serious flaw in the key fobs used to unlock Tesla’s Model S cars. It’s the second time in two years that hackers have successfully cracked the fob’s encryption. Turns out the encryption key was doubled in size from the first time it was cracked. Using twice the resources, the researchers cracked the key again. The good news is that a software update can fix the issue.

Microsoft’s lead EU data watchdog is looking into fresh Windows 10 privacy concerns

TechCrunch: Microsoft could be back in hot water with the Europeans after the Dutch data protection authority asked its Irish counterpart, which oversees the software giant, to investigate Windows 10 for allegedly breaking EU data protection rules. A chief complaint is that Windows 10 collects too much telemetry from its users. Microsoft made some changes after the issue was brought up for the first time in 2017, but the Irish regulator is looking at if these changes go far enough — and if users are adequately informed. Microsoft could be fined up to 4% of its global annual revenue if found to have flouted the law. Based off 2018’s figures, Microsoft could see fines as high as $4.4 billion.

U.S. cyberattack hurt Iran’s ability to target oil tankers, officials say

The New York Times: A secret cyberattack against Iran in June but only reported this week significantly degraded Tehran’s ability to track and target oil tankers in the region. It’s one of several recent offensive operations against a foreign target by the U.S. government in recent moths. Iran’s military seized a British tanker in July in retaliation over a U.S. operation that downed an Iranian drone. According to a senior official, the strike “diminished Iran’s ability to conduct covert attacks” against tankers, but sparked concern that Iran may be able to quickly get back on its feet by fixing the vulnerability used by the Americans to shut down Iran’s operation in the first place.

Apple is turning Siri audio clip review off by default and bringing it in house

TechCrunch: After Apple was caught paying contractors to review Siri queries without user permission, the technology giant said this week it will turn off human review of Siri audio by default and bringing any opt-in review in-house. That means users actively have to allow Apple staff to “grade” audio snippets made through Siri. Apple began audio grading to improve the Siri voice assistant. Amazon, Facebook, Google, and Microsoft have all been caught out using contractors to review user-generated audio.

Hackers are actively trying to steal passwords from two widely used VPNs

Ars Technica: Hackers are targeting and exploiting vulnerabilities in two popular corporate virtual private network (VPN) services. Fortigate and Pulse Secure let remote employees tunnel into their corporate networks from outside the firewall. But these VPN services contain flaws which, if exploited, could let a skilled attacker tunnel into a corporate network without needing an employee’s username or password. That means they can get access to all of the internal resources on that network — potentially leading to a major data breach. News of the attacks came a month after the vulnerabilities in widely used corporate VPNs were first revealed. Thousands of vulnerable endpoints exist — months after the bugs were fixed.

Grand jury indicts alleged Capital One hacker over cryptojacking claims

TechCrunch: And finally, just when you thought the Capital One breach couldn’t get any worse, it does. A federal grand jury said the accused hacker, Paige Thompson, should be indicted on new charges. The alleged hacker is said to have created a tool to detect cloud instances hosted by Amazon Web Services with misconfigured web firewalls. Using that tool, she is accused of breaking into those cloud instances and installing cryptocurrency mining software. This is known as “cryptojacking,” and relies on using computer resources to mine cryptocurrency.

Tech stocks slide on US decision to blacklist Huawei and 70 affiliates

The United States has been lobbying for months to prevent its western allies from using Huawei equipment in their 5G deployment, and on Wednesday, Washington made it more difficult for the Chinese telecom titan to churn out those next-gen products.

The U.S. Department of Commerce announced that it will add Huawei and its 70 affiliates to the so-called ‘Entity List,’ a move that will prevent the telecom giant from buying parts and components from U.S. companies without approval from Washington. That confirms reports of the potential ban a day before.

Despite being the largest telecom equipment maker around the world, Huawei relies heavily on its American suppliers, giving the U.S. much leeway to hobble the Chinese firm’s production.

Following the dramatic move, shares of a gauge of Huawei affiliates slumped on Wednesday. Tatfook Technology, which sells to Huawei as well as Ericsson and Bosch, dropped 2.84 percent in Shenzhen in morning trading. New Sea Union Telecom, a supplier to China’s ‘big three’ telecom network operators and Huawei, slid 4.88 percent. Another Huawei key partner Chunxing Precision Mechanical dropped as much as 5.37 percent.

Huawei did not comment directly on the Commerce Department’s blacklist when reached out by TechCrunch, but said it’s “ready and willing to engage with the U.S. government and come up with effective measures to ensure product security.”

“Restricting Huawei from doing business in the U.S. will not make the U.S. more secure or stronger; instead, this will only serve to limit the U.S. to inferior yet more expensive alternatives, leaving the U.S. lagging behind in 5G deployment, and eventually harming the interests of U.S. companies and consumers,” Huawei hit back in the statement.

This view is congruent with some of the harshest criticisms of Washington’s backlash against Huawei. Scholars and industry observers warn that Chinese tech firms have become such an integral part to the global economy that severing ties with Huawei will do ham to 5G advancement worldwide.

In addition, the Chinese company said the U.S.’s “unreasonable restrictions will infringe upon Huawei’s rights and raise other serious legal issues,” though it did not spell out what those rights and legal concerns are.

The announcement dropped on the same day U.S. President Donald Trump declared “a national emergency” over technology supply chain threats from the country’s “foreign adversaries”.

The Commerce Department said it has a reasonable basis to conclude that “Huawei is engaged in activities that are contrary to U.S. national security or foreign policy interest.”

Some of the U.S’s allies including the U.K. are still investigating Huawei’s possible security threat and deciding how close a link they should keep with Huawei, but the Shenzhen-based company has already taken a bold step to give its potential clients some assurance.

Just this Tuesday, Huawei told reporters in London that it’s “willing to sign no-spy agreements with governments, including the U.K. government,” and commit itself to making its equipment “meet the no-spy, no-backdoors standard.”

The U.S.’s tit-for-tat with Huawei also includes the push to arrest the company’s CFO Meng Wanzhou on charges that Huawei did business in Iran in breach of U.S. sanctions.

Crunch Report | Telegram and Instagram Are Being Restricted in Iran

Amazon Prime shipped 5 billion Items in 2017, SuperMeat gets $3 million in funding and Telegram and Instagram are being restricted in Iran. All this on Crunch Report. Read More

Iranian film 'The Salesman' wins Oscar in biggest political statement of the night

TwitterFacebook

Director Asghar Farhadi’s absence at the Oscars on Sunday spoke almost as loudly as the award itself.

The Iranian filmmaker, who won his second Oscar for The Salesman, did not accept the award in person because he and other members of the film’s cast boycotted the awards following President Donald Trump’s travel ban.

It’s a great honor to be receiving this valuable award for a second time,” Iranian-American engineer Anousheh Ansari said reading a statement from Farhadi on stage. “I’m sorry I’m not with you tonight, my absence is out of respect for the people of my country and those of the other six nations who have been disrespected by the inhumane law that bans entry of immigrants to the U.S.” Read more…

More about Asghar Farhadi, Oscars 2017, Film, The Salesman, and Iran

Powered by WPeMatico

18-year-old chess grandmaster gets kicked off Iran national team for not wearing a headscarf

TwitterFacebook

An 18-year-old Iranian chess grandmaster has been kicked off the national team after she showed up for a game not wearing a hijab.

Dorsa Derakhshani was competing in a chess tournament in Gibraltar earlier this month.

However, she failed to wear a hijab, or traditional headscarf, which is compulsory wear for Iranian women in public.

Derakhshani, who is a student in Spain, will be barred from representing Iran, as well as banned from playing in any tournaments in Iran.

Separately, her younger brother, Borna, was also playing at the Tradewise Gibraltar Chess Festival. The 15-year-old was similarly barred from the team — a punishment for playing against Alexander Huzman, of Israel. Read more…

More about Chess, Hijab, Iran, and World

Powered by WPeMatico